Appl. No. 10/672,184 . - 

Amdt . dated September 13, 2007 

Reply to Office Action of June 13, 2007 

This listing of claims replaces all prior versions, and 
listings of claims in the instant application: 

Listing of Claims t 

1. (Currently Amended) A method for application 
program obfuscation, comprising: 



receiving , on an application program provider, a 
reference to a decryption algorithm and a first 
cryptographic key; 

creating , on said application program provider, 
a key decryption program comprising an instruction 
stream, said key decryption program configured to 
perform said decryption algorithm for said first 
cryptographic key; 

app 1 y i ng , on said application program provider, 
a cryptographic process to a second cryptographic key 
together with oaid firot cryptographic key to create 
an encrypted second cryptographic key wherein said 
cryptographic process receives said first and second 
cryptographic keys as inputs ; 

sera mb 1 i ng , on said application program 
provider, said encrypted second cryptographic key 
into said instruction stream using a code obfuscation 
method indicated by an obfuscation descriptor, said 
scrambling creating an obfuscated key decryption 
program, said obfuscation descriptor based at least 
in part on a target ID wherein said target ID 
specifies a user device for executing an obfuscated 
application program ; and 

sending , from said application program provider, 
said obfuscated key decryption program. 
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2 . 



(Original) The method of claim 1, further 



comprising sending digital content protected by said second 
cryptographic key. 
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3. (Original) The method of claim 2, further 
comprising sending said obfuscated key decryption program 
together with said digital content. 

4. (Original) The method of claim 1 wherein said 
target ID comprises a VM ID. 

5. (Withdrawn) A method for application program 
obf uscation, comprising : 

receiving an obfuscated key decryption program 
comprising an instruction stream configured to perform 
a decryption algorithm for a first cryptographic key, 
said obfuscated decryption program having an encrypted 
second cryptographic key scrambled in said instruction 
stream, said second cryptographic key encrypted with 
said first cryptographic key; 

executing said program to decrypt said second 
cryptographic key; and 

decrypting digital content using said second 
cryptographic key. 

6. (Currently Amended) A program storage device 
readable by a machine, embodying a program of instructions 
executable by the machine to perform a method for 
application program obf uscation, the method comprising: 



receiving , on an application program provider, a 
reference to a decryption algorithm and a first 
cryptographic key; 

creating , on said application program provider, 
a key decryption program comprising an instruction 
stream, said key decryption program configured to 
perform said decryption algorithm for said first 
cryptographic key; 
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applying , on said application program provider, 
a cryptographic process to a second cryptographic key 
together with said first cryptographic key to create 
an encrypted second cryptographic key wherein said 
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cryptographic process receives said first and second 
cryptographic keys as inputs ; 

scrambling , on said application program 
provider, said encrypted second cryptographic key 
into said instruction stream using a code obfuscation 
method indicated by an obfuscation descriptor, said 
scrambling creating an obfuscated key decryption 
program, said obfuscation descriptor based at least 
in part on a target ID wherein said target ID 
specifies a user device for executing an obfuscated 
application program ; and 

sending , from said application program provider, 
said obfuscated key decryption program. 

7. (Original) The program storage device of claim 6, 
said method further comprising sending digital content 
protected by said second cryptographic key. 

8. (Original) The program storage device of claim 7, 
said method further comprising sending said obfuscated key 
decryption program together with said digital content . 

9. (Original) The program storage device of claim 6 
wherein said target ID comprises a VM ID. 

10. (Withdrawn) A program storage device readable by 
a machine, embodying a program of instructions executable by 
the machine to perform a method for application program 
obfuscation, the method comprising: 

receiving an obfuscated key decryption program 
comprising an instruction stream configured to perform 
a decryption algorithm for a first cryptographic key, 
said obfuscated decryption program having an encrypted 



GUNNISON, McKAY A 

HODGSON, L.L.P. 
Garden Wcsi Office Plaza 
1900 Garden Road. Suite 220 
Monterey. CA 93940 

(831)655-0880 
Fax (831)655-0888 



second cryptographic key scrambled in said instruction 
stream, said second cryptographic key encrypted with 
said first cryptographic key; 
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executing said program to decrypt said second 
cryptographic key; and 

decrypting digital content using said second 
cryptographic key. 

11. (Currently Amended) An apparatus for application 
program obfuscation, comprising: 
a processor; and 

a memory, coupled to said processor, having stored 
therein computer readable instructions wherein 
executing said computer readable instructions on said 
processor provides: 

means for receiving , on an application 
program provider, a reference to a decryption 
algorithm and a first cryptographic key; 

means for creating , on said said apparatus, a 
key decryption program comprising an instruction 
stream, said key decryption program configured to 
perform said decryption algorithm for said first 
cryptographic key;. 

means for applying , on said apparatus, a 
cryptographic process to a second cryptographic 
key together with oaid firot — cryptographic key to 
create an encrypted second cryptographic key 
wherein said cryptographic process receives said 
first and second cryptographic keys as inputs ; 

means for scrambling , on said apparatus, said 
encrypted second cryptographic key into said 
instruction stream using a code obfuscation method 
indicated by an obfuscation descriptor, said 
scrambling creating an obfuscated key decryption 
program, said obfuscation descriptor based at 
least in part on a target ID wherein said target 
ID specifies a user device for executing an 
obfuscated application program ; and 

means for sending , from said apparatus, said 
obfuscated key decryption program. 
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12. (Original) The apparatus of claim 11, further 
comprising means for sending digital content protected by- 
said second cryptographic key. 

13. (Original) The apparatus of claim 12, further 
comprising means for sending said obfuscated key decryption 
program together with said digital content. 

14. (Original) The apparatus of claim 11 wherein said 
target ID comprises a VM ID. 

15. (Withdrawn) An apparatus for application program 
obf uscation, comprising : 

means for receiving an obfuscated key 
decryption program comprising an instruction 
stream configured to perform a decryption 
algorithm for a first cryptographic key, said 
obfuscated decryption program having an encrypted 
second cryptographic key scrambled in said 
instruction stream, said second cryptographic key 
encrypted with said first cryptographic key; 

means for executing said program to decrypt 
said second cryptographic key; and 

means for decrypting digital content using 
said second cryptographic key. 

16. (Currently Amended) An apparatus for application 
program obfuscation, comprising an application program 
provider comprising : 

a processor; and 

a memory, coupled to said processor, having stored 
therein computer readable instructions wherein 
executing said computer readable instructions on said 
application program provider is configured to: 
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receive , on an application program provider, 
a reference to a decryption algorithm and a first 
cryptographic key; 

create , on said application program provider, 
a key decryption program comprising an instruction 
stream, said key decryption program configured to 
perform said decryption algorithm for said first 
cryptographic key; 

app 1 y, on said application program provider, 
a cryptographic process to a second cryptographic 
key together with said firot cryptographic key to 
create an encrypted second cryptographic key 
wherein said cryptographic process receives said 
first and second cryptographic keys as inputs ; 

scramble , on said application program 
provider, said encrypted second cryptographic key 
into said instruction stream using a code 
obfuscation method indicated by an obfuscation 
descriptor, said scrambling creating an obfuscated 
key decryption program, said obfuscation 
descriptor based at least in part on a target ID 
wherein said target ID specifies a user device for 
executing an obfuscated application program ; and 
send , from said application program provider, 
said obfuscated key decryption program. 
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17. (Original) The apparatus of claim 16, said 
application program provider further configured to send 
digital content protected by said second cryptographic key. 

18. (Original) The apparatus of claim 17, said 
application program provider further configured to send said 
obfuscated key decryption program together with said digital 
content . 

19. (Original) The apparatus of claim 16 wherein said 
target ID comprises a VM ID. 
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20. (Withdrawn) An apparatus for application program 
obfuscation, comprising a target device configured to: 

receive an obfuscated key decryption program 
comprising an instruction stream configured to perform 
a decryption algorithm for a first cryptographic key, 
said obfuscated decryption program having an encrypted 
second cryptographic key scrambled in said instruction 
stream, said second cryptographic key encrypted with 
said first cryptographic key; 

execute said program to decrypt said second 
cryptographic key; and 

decrypt digital content using said second 
cryptographic key. 
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